On 23 Sep 2009, at 22:35, James wrote:
> ...
> I have one static IP
> ... Could someone post
> some simple iptable examples of how to route 2 different
> web server traffic streams to 2 different machines?
>
> Both are inside the same DMZ....2 different machines
> with different (NAT) IP addresses.
|
Can't be done.
|
Inherently, a client requesting a webpage looks up the IP address for
bigbreastedmommas.com, finds it's 24.73.161.102 (or whatever) and sends
an http request to port 80 of that IP.
|
There is no way for iptables to distinguish between an http request to
bigbreastedmommas.com at 24.73.161.102 and an http request to
bouncyboobs.com at 24.73.161.102, assuming both are on port 80.
|
I would LOVE to be proved wrong on this, because it would be immensely
useful for NATted geeks. However an iptables module to do this
certainly did not exist in the past, and I'm guessing there are
protocol-specific reasons why it can't be done.
|
What you can do is forward port 80 to one machine and have that proxy
to the other when necessary. Or have it redirect to the other, which
listens on port 81.
|
Stroller. |
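
Added example, not part of the original message: both sites' requests reach the same public IP on port 80, so the only thing that tells them apart is the HTTP Host header inside the payload, which is what a proxy on the port-80 machine reads before handing the request to the right internal server. The hostnames and 192.168.0.x backend addresses are constructed placeholders.

```python
# Added example; hostnames and backend addresses are constructed placeholders.
BACKENDS = {
    "site-a.example": ("192.168.0.10", 80),
    "site-b.example": ("192.168.0.11", 80),
}
DEFAULT_BACKEND = BACKENDS["site-a.example"]  # HTTP/1.0 clients send no Host


class BadRequest(Exception):
    """Malformed or ambiguous request; do not forward it."""


def extract_host(raw_request: bytes):
    """Return the lower-cased Host value without port, or None if absent."""
    head, sep, _ = raw_request.partition(b"\r\n\r\n")
    if not sep:
        raise BadRequest("incomplete header block")
    hosts = []
    for line in head.split(b"\r\n")[1:]:  # skip the request line
        name, colon, value = line.partition(b":")
        if not colon or name != name.strip():
            raise BadRequest("malformed header line")
        if name.lower() == b"host":
            hosts.append(value.strip().decode("ascii", "replace").lower())
    if len(hosts) > 1:  # two Host headers: proxy and backend could disagree
        raise BadRequest("multiple Host headers")
    if not hosts:
        return None
    host = hosts[0]
    if ":" in host and not host.endswith("]"):  # drop ":port", keep "[v6]"
        host = host.rsplit(":", 1)[0]
    return host.rstrip(".")


def pick_backend(raw_request: bytes):
    """Map a raw HTTP request to the (ip, port) of the internal web server."""
    host = extract_host(raw_request)
    if host is None:
        return DEFAULT_BACKEND
    if host not in BACKENDS:
        raise BadRequest(f"unknown host {host!r}")
    return BACKENDS[host]


# Constructed sample requests: same destination IP and port, different Host.
REQ_A = b"GET / HTTP/1.1\r\nHost: site-a.example\r\n\r\n"
REQ_B = b"GET / HTTP/1.1\r\nHost: SITE-B.example:80\r\nAccept: */*\r\n\r\n"
if __name__ == "__main__":
    print(pick_backend(REQ_A), pick_backend(REQ_B))
```

Requests with duplicate or unknown Host values are rejected rather than forwarded, so the proxy and the backend never disagree about which site was asked for.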